Authentication and Endpoints
Flare's API is available at https://api.flare.io.
Requests are authenticated with JSON Web Tokens.
API usage exceeding 1 request per second is subject to Flare's API rate limit. Enforced limits receive a RATELIMIT_REACHED error message with the status code 429.
Users can generate API keys by visiting their Profile page under the "API Keys" section.
The API Key is used as the authentication password with an empty username value.
Tokens are obtained using Flare credentials or API Keys.
Tokens Expire after 1 hour.
The generate endpoint returns:
- token in the JSON body of the response and in the cookies
- refresh_token in the cookies
Make sure you leave the username empty. The API Key should be in the password field of basic auth.
- 200 OK - No error. A token was returned.
- 403 Forbidden - Unauthorized. The provided username and password don't have API access.
POST /tokens/refresh
The refresh endpoint may be used to refresh an expired token or to obtain a new token for another tenant.
The refresh token endpoint returns:
- token in the JSON body of the response and in the cookies
- refresh_token in cookies
Example Request:
GET /token/test
Test a token.